Empowering In-House Cybersecurity Excellence at a Fortune 500 Bank with SnapAttack

The goal was simple: This Fortune 500 financial institution wanted to fill the expertise gap, empower their existing team, and measurably mature their overall cyber defense capabilities. SnapAttack addressed the bank’s challenges with features tailored to their needs, resulting in enhanced detection capabilities, a streamlined detection process, and greater ROI and efficiency […]

Threat Profiles: Figuring Out Which Threats Matter

What are Threat Profiles? In a typical security operations center (SOC), the threat detection and response teams have one key objective: identify and stop the bad guys. To do so, they invest in the best tools, recruit the best team members, and work tirelessly to stay ahead of any potential security incidents that might be […]

SnapAttack Platform Integrations

What’s in this Datasheet? SnapAttack was built to power not just one tool, but to help you get the most out of any security tool. Download to view the security tools with which SnapAttack has translation and API integrations.

Hunting Impacket: Part 2

Impacket Overview Welcome back. This is part two of our blog series covering the Impacket example tools. Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, […]

Google Chronicle and SnapAttack

What’s in this Datasheet? SnapAttack is an intelligence-driven threat detection platform that provides threat-specific detection rules and hunting searches, recommended based on an organization’s unique threat profile, for teams to quickly and easily implement in Chronicle.

Hunting Impacket: Part 1

Impacket Overview Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, ICMP, and even higher-level protocols like SMB, MSRPC, NetBIOS, and others. One of the key strengths […]

How to Measure Threat Hunting ROI

The Problem with Threat Hunting Metrics Threat hunting is a massive commitment of time, resources, team members, and technology. Any investment that impactful would normally be one that was carefully measured to ensure it was driving sufficient value for the team. The thing is, there’s no established benchmark of “success” in threat hunting. Measuring the […]

Creating Actionable Threat Intelligence for Threat Hunters

Ask any security leader and they’ll tell you actionable threat intelligence is the cornerstone of a successful, threat-informed security operations center (SOC). However, to be of any real value to the team, threat intelligence needs to be relevant, timely, and supportive of next steps for the teams that utilize it. Due to the sheer volume […]

SnapAttack ThreatLabs: How to Detect CVE-2023-46214

Authored by Trenton Tait, Threat Researcher at SnapAttack. CVE-2023-46214 is identified as a Remote Code Execution (RCE) vulnerability within Splunk Enterprise, as reported in the Splunk security advisory SVD-2023-1104 on November 16, 2023. Successful exploitation of this vulnerability […]

Threat Management isn’t Fantasy Football

Duration: 58 minutes | Partnering webinar with: Google Cloud Security. About the Webinar: Find out how to build and operate a game-winning threat management strategy by aligning your team, automating cumbersome processes, and measuring the right metrics (the ones that matter to your unique SOC). Join us […]